home

www.benzul.com

Domain Information

Server location:
Arizona, United States (US)

ASN:
AS26496 AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC,US

Root domain:
benzul.com

Scanner detections:
Malware distribution  (100% detected)

Scan engine
Details
Detections

ESET NOD32
Win32/Sality.NBA virus
100.00%

Dr.Web
Win32.Sector.30
100.00%

Microsoft Security Essentials
Threat.Undefined
100.00%

Emsisoft Anti-Malware
Win32.Sality
100.00%

McAfee
Virus.W32/Sality.gen.z
100.00%

avast!
Win32:SaliCode
100.00%

Norman
Win32.Sality.3
100.00%

F-Prot
W32/Sality.gen2
100.00%

AVG
Win32/Sality
100.00%

Kaspersky
Virus.Win32.Sality
100.00%

The domain www.benzul.com has been seen to resolve to the following IP address.

184.168.221.38
ip-184-168-221-38.ip.secureserver.net
June 18, 2016

File downloads found at URLs served by www.benzul.com.

10 / 68    (Infected)
http://www.benzul.com/.../ActivatorSetup.exe  (885e335fb57c9623c6568a20f52f081a)

The following 13 files have been seen to comunicate with www.benzul.com in live environments.

TCP » 184.168.221.38:80
bfa0d68f.exe (Client Server Runtime Process by Microsoft)

TCP » 184.168.221.38:80
online-guardian-v2.0.9.exe

TCP » 184.168.221.38:80
jingling.exe

TCP » 184.168.221.38:80
updater.exe

TCP » 184.168.221.38:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 184.168.221.38:80
UCBrowser.exe (by UCWeb)

TCP » 184.168.221.38:80
ContentFinder.exe (ContentFinder by ContentFinder Company)

TCP » 184.168.221.38:80
online-guardian-v2.0.9.exe

TCP » 184.168.221.38:80
ContentFinder.exe (ContentFinder by DigitalSoftware Group)

TCP » 184.168.221.38:25
www.exe

TCP » 184.168.221.38:80
unipdf-installer.exe

TCP » 184.168.221.38:25
init.exe

TCP » 184.168.221.38:80
produpd.exe (produpd.exe by Vested Development, Inc)

0107tech.info

7petabytes.com

cloudprogem.com

convert-plc.com

devspeech.info

downloadbeiphuwooxee.com

downloaddesktop3.info

downloadnet.org

downward234.info

file21desktop.com

flvvideodownload.com

freefaire.com

gencloudex.com

ibxdnl.com

installerlaunch-gn2.com

isoftpal.mobi

mattjrosenberg.com

neosoft-tools.com

onlinevideopctools.com

pcfixer.co

perfectcheatversions.info

softiappspeed.com

softrelay.info

visionaryhyper.info

vulcanbids.info

y0191.info

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.